PCE-Based Traffic Engineering (TE) in Native IP NetworksChina TelecomBeiqijia TownChangping DistrictBeijing102209Chinawangaj3@chinatelecom.cnYandex LLCUlitsa Lva Tolstogo 16MoscowRussian Federationbhassanov@yahoo.comEtheric Networks1009 S Claremont StSan MateoCA94402United States of Americaqzhao@ethericnetworks.comFutureweiBostonMAUSAhuaimo.chen@futurewei.com
RTG Area
TEAS Working GroupThis document defines an architecture for providing traffic
engineering in a native IP network using multiple BGP sessions and a
Path Computation Element (PCE)-based central control mechanism. It
defines the Centralized Control Dynamic Routing (CCDR) procedures and
identifies needed extensions for the Path Computation Element
Communication Protocol (PCEP).Status of This Memo
This document is not an Internet Standards Track specification; it is
published for informational purposes.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Not all documents
approved by the IESG are candidates for any level of Internet
Standard; see Section 2 of RFC 7841.
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
.
Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
() in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Table of Contents
. Introduction
. Terminology
. CCDR Architecture in a Simple Topology
. CCDR Architecture in a Large-Scale Topology
. CCDR Multiple BGP Sessions Strategy
. PCEP Extension for Critical Parameters Delivery
. Deployment Considerations
. Scalability
. High Availability
. Incremental Deployment
. Loop Avoidance
. E2E Path Performance Monitoring
. Security Considerations
. IANA Considerations
. References
. Normative References
. Informative References
Acknowledgments
Authors' Addresses
Introduction, based on an extension of the
PCE architecture described in , introduced a broader use applicability for a PCE as
a central controller. PCEP continues to be used as the
protocol between the PCE and the Path Computation Client (PCC). Building on that
work, this document describes a solution of using a PCE for centralized
control in a native IP network to provide end-to-end (E2E) performance
assurance and QoS for traffic. The solution combines the use of
distributed routing protocols and a centralized controller, referred to
as Centralized Control Dynamic Routing (CCDR). describes the scenarios and simulation
results for traffic engineering in a native IP network based on use of a
CCDR architecture. Per , the architecture for
traffic engineering in a native IP network should meet the following
criteria:
Same solution for native IPv4 and IPv6 traffic.
Support for intra-domain and inter-domain scenarios.
Achieve E2E traffic assurance, with determined QoS
behavior, for traffic requiring a service assurance (prioritized
traffic).
No changes in a router's forwarding behavior.
Based on centralized control through a distributed network
control plane.
Support different network requirements such as high traffic
volume and prefix scaling.
Ability to adjust the optimal path dynamically upon the changes
of network status. No need for reserving resources for physical links
in advance.
Building on the above documents, this document defines an
architecture meeting these requirements by using a strategy of multiple BGP sessions
and a PCE as the centralized controller. The architecture
depends on the central control element (PCE) to compute the optimal
path and utilizes the dynamic routing behavior of IGP and BGP for
forwarding the traffic.TerminologyThis document uses the following terms defined in :
PCE:
Path Computation Element
PCEP:
PCE Protocol
PCC:
Path Computation Client
Other terms are used in this document:
CCDR:
Centralized Control Dynamic Routing
E2E:
End to End
ECMP:
Equal-Cost Multipath
RR:
Route Reflector
SDN:
Software-Defined Network
CCDR Architecture in a Simple Topology illustrates the CCDR architecture for traffic engineering in
a simple topology. The topology is composed of four devices, which are
SW1, SW2, R1, and R2. There are multiple physical links between R1 and R2.
Traffic between prefix PF11 (on SW1) and prefix PF21 (on SW2) is normal
traffic; traffic between prefix PF12 (on SW1) and prefix PF22 (on SW2) is
priority traffic that should be treated accordingly.In the intra-domain scenario, IGP and BGP combined with a PCE are
deployed between R1 and R2. In the inter-domain scenario, only native
BGP is deployed. The traffic between each address pair may
change in real time and the corresponding source/destination addresses
of the traffic may also change dynamically.The key ideas of the CCDR architecture for this simple topology are
the following:
Build two BGP sessions between R1 and R2 via the different
loopback addresses on these routers (lo11 and lo12 are the loopback
addresses of R1, and lo21 and lo22 are the loopback addresses of R2).
Using the PCE, set the explicit peer route on R1 and R2 for BGP
next hop to different physical link addresses between R1 and R2. The
explicit peer route can be set in the format of a static route,
which is different from the route learned from IGP.
Send different prefixes via the established BGP sessions. For
example, send PF11/PF21 via the BGP session 1 and PF12/PF22 via the
BGP session 2.
After the above actions, the bidirectional traffic between the PF11
and PF21, and the bidirectional traffic between PF12 and PF22, will go
through different physical links between R1 and R2.If there is more traffic between PF12 and PF22 that needs assured
transport, one can add more physical links between R1 and R2 to reach
the next hop for BGP session 2. In this case, the prefixes that are
advertised by the BGP peers need not be changed.If, for example, there is bidirectional priority traffic from
another address pair (for example, prefix PF13/PF23), and the total
volume of priority traffic does not exceed the capacity of the
previously provisioned physical links, one need only advertise the newly
added source/destination prefixes via the BGP session 2. The
bidirectional traffic between PF13/PF23 will go through the same
assigned, dedicated physical links as the traffic between PF12/PF22.Such a decoupling philosophy of the IGP/BGP traffic link and the
physical link achieves a flexible control capability for the network
traffic, satisfying the needed QoS assurance to meet the application's
requirement. The router needs only to support native IP and multiple BGP
sessions set up via different loopback addresses.CCDR Architecture in a Large-Scale TopologyWhen the priority traffic spans a large-scale network, such as that
illustrated in , the multiple BGP sessions cannot be established
hop by hop within one autonomous system. For such a scenario, we propose using a Route
Reflector (RR) to achieve a similar effect.
Every edge router will establish two BGP sessions with the RR via
different loopback addresses respectively. The other steps for traffic
differentiation are the same as that described in the CCDR architecture
for the simple topology.As shown in , if we select R3 as the RR, every edge router (R1
and R7 in this example) will build two BGP sessions with the RR. If the
PCE selects the dedicated path as R1-R2-R4-R7, then the operator should
set the explicit peer routes via PCEP on these routers
respectively, pointing to the BGP next hop (loopback addresses of R1 and
R7, which are used to send the prefix of the priority traffic) to the
selected forwarding address.CCDR Multiple BGP Sessions StrategyGenerally, different applications may require different QoS criteria,
which may include:
Traffic that requires low latency and is not sensitive to packet
loss.
Traffic that requires low packet loss and can endure higher
latency.
Traffic that requires low jitter.
These different traffic requirements are summarized in .
Traffic Requirement Criteria
Prefix Set No.
Latency
Packet Loss
Jitter
1
Low
Normal
Don't care
2
Normal
Low
Don't care
3
Normal
Normal
Low
For Prefix Set No.1, we can select the shortest distance path to
carry the traffic; for Prefix Set No.2, we can select the path that has
E2E under-loaded links; for Prefix Set No.3, we can let traffic
pass over a determined single path, as no ECMP
distribution on the parallel links is desired.It is almost impossible to provide an E2E path
efficiently with latency, jitter, and packet loss constraints to meet
the above requirements in a large-scale, IP-based network only using a
distributed routing protocol, but these requirements can be met with the
assistance of PCE, as described in and
. The PCE will have the overall network view,
ability to collect the real-time network topology, and the network
performance information about the underlying network. The PCE can select
the appropriate path to meet the various network performance
requirements for different traffic.The architecture to implement the CCDR multiple BGP sessions strategy
is as follows:The PCE will be responsible for the optimal path computation for the
different priority classes of traffic:
PCE collects topology information via BGP-LS and link utilization information via the
existing Network Monitoring System (NMS) from the underlying
network.
PCE calculates the appropriate path based upon the application's
requirements and sends the key parameters to edge/RR routers (R1, R7,
and R3 in ) to establish multiple BGP sessions. The loopback
addresses used for the BGP sessions should be planned in advance and
distributed in the domain.
PCE sends the route information to the routers (R1, R2, R4, and R7 in
) on the forwarding path via PCEP to build the path to the
BGP next hop of the advertised prefixes. The path to these BGP
next hops will also be learned via IGP, but the route
from the PCEP has the higher preference. Such a design can assure the
IGP path to the BGP next hop can be used to protect the path
assigned by PCE.
PCE sends the prefix information to the PCC (edge routers that
have established BGP sessions) for advertising different prefixes
via the specified BGP session.
The priority traffic may share some links or nodes if the path the
shared links or nodes can meet the requirement of application. When
the priority traffic prefixes are changed, but the total volume of
priority traffic does not exceed the physical capacity of the
previous E2E path, the PCE needs only change the prefixes advertised
via the edge routers (R1 and R7 in ).
If the volume of priority traffic exceeds the capacity of the
previous calculated path, the PCE can recalculate and add the
appropriate paths to accommodate the exceeding traffic. After that,
the PCE needs to update the on-path routers to build the forwarding
path hop by hop.
PCEP Extension for Critical Parameters DeliveryPCEP needs to be extended to transfer the following
critical parameters:
Peer information that is used to build the BGP session.
Explicit route information for BGP next hop of advertised
prefixes.
Advertised prefixes and their associated BGP session.
Once the router receives such information, it should establish
the BGP session with the peer appointed in the PCEP message, build the
E2E dedicated path hop by hop, and advertise the prefixes that
are contained in the corresponding PCEP message.The dedicated path is preferred by making sure that the explicit
route created by PCE has the higher priority (lower route preference)
than the route information created by other dynamic protocols.All of the above dynamically created states (BGP sessions, explicit routes,
and advertised prefixes) will be cleared on the expiration of the
state timeout interval, which is based on the existing stateful PCE and PCE as a Central Controller (PCECC) mechanism.Regarding the BGP session, it is not different from that configured
manually or via Network Configuration Protocol (NETCONF) and YANG. Different BGP sessions are used mainly for
the clarification of the network prefixes, which can be differentiated
via the different BGP next hop. Based on this strategy, if we manipulate
the path to the BGP next hop, then the path to the prefixes that were
advertised with the BGP sessions will be changed accordingly. Details of
communications between PCEP and BGP subsystems in the router's control
plane are out of scope of this document.Deployment ConsiderationsScalabilityIn the CCDR architecture, only the edge routers that connect with
the PCE are responsible for the prefix advertisement via the
multiple BGP sessions deployment. The route information for these
prefixes within the on-path routers is distributed via BGP.
For multiple domain deployment, the PCE, or the pool of PCEs
responsible for these domains, needs only to control the edge router
to build the multiple External BGP (EBGP) sessions; all other procedures are the same
as within one domain.The on-path router needs only to keep the specific policy routes
for the BGP next hop of the differentiated prefixes, not the specific
routes to the prefixes themselves. This lessens the burden of the
table size of policy-based routes for the on-path routers; and has
more expandability compared with BGP Flowspec or OpenFlow solutions.
For example, if we want to differentiate 1,000 prefixes from the normal
traffic, CCDR needs only one explicit peer route in every on-path
router, whereas the BGP Flowspec or OpenFlow solutions need 1,000
policy routes on them.High AvailabilityThe CCDR architecture is based on the use of native IP.
If the PCE fails, the forwarding plane will not be impacted,
as the BGP sessions between all the devices will not flap, and the
forwarding table remains unchanged.If one node on the optimal path fails, the priority traffic will
fall over to the best-effort forwarding path. One can even design
several paths to load balance or to create a hot standby
of the priority traffic to meet a path failure situation.For ensuring high availability of a PCE/SDN-controllers
architecture, an operator should rely on existing high availability
solutions for SDN controllers, such as clustering technology and
deployment.Incremental DeploymentNot every router within the network needs to support the necessary
PCEP extension. For such situations, routers on the edge of a domain
can be upgraded first, and then the traffic can be prioritized between
different domains. Within each domain, the traffic will be forwarded
along the best-effort path. A service provider can selectively upgrade
the routers on each domain in sequence.Loop AvoidanceA PCE needs to assure calculation of the E2E path based on the
status of network and the service requirements in real-time.The PCE needs to consider the explicit route deployment order (for
example, from tail router to head router) to eliminate any possible
transient traffic loop.E2E Path Performance MonitoringIt is necessary to deploy the corresponding E2E path performance
monitoring mechanism to assure that the delay, jitter, or packet
loss index meets the original path performance aim. The performance
monitoring results should provide feedback to the PCE in order for it to accomplish the
re-optimization process and send the update control message to the related PCC if
necessary. Traditional OAM methods (ping, trace) can be used.Security ConsiderationsThe setup of BGP sessions, prefix advertisement, and explicit peer
route establishment are all controlled by the PCE. See and for BGP security
considerations. The Security Considerations found in
and should be considered. To prevent a bogus
PCE sending harmful messages to the network nodes, the network devices
should authenticate the validity of the PCE and ensure a secure
communication channel between them. Mechanisms described in should be used.The CCDR architecture does not require changes to the forwarding
behavior of the underlay devices. There are no additional security
impacts on these devices.IANA ConsiderationsThis document has no IANA actions.ReferencesNormative ReferencesA Border Gateway Protocol 4 (BGP-4)This document discusses the Border Gateway Protocol (BGP), which is an inter-Autonomous System routing protocol.The primary function of a BGP speaking system is to exchange network reachability information with other BGP systems. This network reachability information includes information on the list of Autonomous Systems (ASes) that reachability information traverses. This information is sufficient for constructing a graph of AS connectivity for this reachability from which routing loops may be pruned, and, at the AS level, some policy decisions may be enforced.BGP-4 provides a set of mechanisms for supporting Classless Inter-Domain Routing (CIDR). These mechanisms include support for advertising a set of destinations as an IP prefix, and eliminating the concept of network "class" within BGP. BGP-4 also introduces mechanisms that allow aggregation of routes, including aggregation of AS paths.This document obsoletes RFC 1771. [STANDARDS-TRACK]BGP Security Vulnerabilities AnalysisBorder Gateway Protocol 4 (BGP-4), along with a host of other infrastructure protocols designed before the Internet environment became perilous, was originally designed with little consideration for protection of the information it carries. There are no mechanisms internal to BGP that protect against attacks that modify, delete, forge, or replay data, any of which has the potential to disrupt overall network routing behavior.This document discusses some of the security issues with BGP routing data dissemination. This document does not discuss security issues with forwarding of packets. This memo provides information for the Internet community.BGP Route Reflection: An Alternative to Full Mesh Internal BGP (IBGP)The Border Gateway Protocol (BGP) is an inter-autonomous system routing protocol designed for TCP/IP internets. Typically, all BGP speakers within a single AS must be fully meshed so that any external routing information must be re-distributed to all other routers within that Autonomous System (AS). This represents a serious scaling problem that has been well documented with several alternatives proposed.This document describes the use and design of a method known as "route reflection" to alleviate the need for "full mesh" Internal BGP (IBGP).This document obsoletes RFC 2796 and RFC 1966. [STANDARDS-TRACK]Path Computation Element (PCE) Communication Protocol (PCEP)This document specifies the Path Computation Element (PCE) Communication Protocol (PCEP) for communications between a Path Computation Client (PCC) and a PCE, or between two PCEs. Such interactions include path computation requests and path computation replies as well as notifications of specific states related to the use of a PCE in the context of Multiprotocol Label Switching (MPLS) and Generalized MPLS (GMPLS) Traffic Engineering. PCEP is designed to be flexible and extensible so as to easily allow for the addition of further messages and objects, should further requirements be expressed in the future. [STANDARDS-TRACK]North-Bound Distribution of Link-State and Traffic Engineering (TE) Information Using BGPIn a number of environments, a component external to a network is called upon to perform computations based on the network topology and current state of the connections within the network, including Traffic Engineering (TE) information. This is information typically distributed by IGP routing protocols within the network.This document describes a mechanism by which link-state and TE information can be collected from networks and shared with external components using the BGP routing protocol. This is achieved using a new BGP Network Layer Reachability Information (NLRI) encoding format. The mechanism is applicable to physical and virtual IGP links. The mechanism described is subject to policy control.Applications of this technique include Application-Layer Traffic Optimization (ALTO) servers and Path Computation Elements (PCEs).Path Computation Element Communication Protocol (PCEP) Extensions for Stateful PCEThe Path Computation Element Communication Protocol (PCEP) provides mechanisms for Path Computation Elements (PCEs) to perform path computations in response to Path Computation Client (PCC) requests.Although PCEP explicitly makes no assumptions regarding the information available to the PCE, it also makes no provisions for PCE control of timing and sequence of path computations within and across PCEP sessions. This document describes a set of extensions to PCEP to enable stateful control of MPLS-TE and GMPLS Label Switched Paths (LSPs) via PCEP.PCEPS: Usage of TLS to Provide a Secure Transport for the Path Computation Element Communication Protocol (PCEP)The Path Computation Element Communication Protocol (PCEP) defines the mechanisms for the communication between a Path Computation Client (PCC) and a Path Computation Element (PCE), or among PCEs. This document describes PCEPS -- the usage of Transport Layer Security (TLS) to provide a secure transport for PCEP. The additional security mechanisms are provided by the transport protocol supporting PCEP; therefore, they do not affect the flexibility and extensibility of PCEP.This document updates RFC 5440 in regards to the PCEP initialization phase procedures.An Architecture for Use of PCE and the PCE Communication Protocol (PCEP) in a Network with Central ControlThe Path Computation Element (PCE) is a core component of Software- Defined Networking (SDN) systems. It can compute optimal paths for traffic across a network and can also update the paths to reflect changes in the network or traffic demands.PCE was developed to derive paths for MPLS Label Switched Paths (LSPs), which are supplied to the head end of the LSP using the Path Computation Element Communication Protocol (PCEP).SDN has a broader applicability than signaled MPLS traffic-engineered (TE) networks, and the PCE may be used to determine paths in a range of use cases including static LSPs, segment routing, Service Function Chaining (SFC), and most forms of a routed or switched network. It is, therefore, reasonable to consider PCEP as a control protocol for use in these environments to allow the PCE to be fully enabled as a central controller.This document briefly introduces the architecture for PCE as a central controller, examines the motivations and applicability for PCEP as a control protocol in this environment, and introduces the implications for the protocol. A PCE-based central controller can simplify the processing of a distributed control plane by blending it with elements of SDN and without necessarily completely replacing it.This document does not describe use cases in detail and does not define protocol extensions: that work is left for other documents.Informative ReferencesA Path Computation Element (PCE)-Based ArchitectureConstraint-based path computation is a fundamental building block for traffic engineering systems such as Multiprotocol Label Switching (MPLS) and Generalized Multiprotocol Label Switching (GMPLS) networks. Path computation in large, multi-domain, multi-region, or multi-layer networks is complex and may require special computational components and cooperation between the different network domains.This document specifies the architecture for a Path Computation Element (PCE)-based model to address this problem space. This document does not attempt to provide a detailed description of all the architectural components, but rather it describes a set of building blocks for the PCE architecture from which solutions may be constructed. This memo provides information for the Internet community.Scenarios and Simulation Results of PCE in a Native IP NetworkRequirements for providing the End-to-End (E2E) performance assurance are emerging within the service provider networks. While there are various technology solutions, there is no single solution that can fulfill these requirements for a native IP network. In particular, there is a need for a universal E2E solution that can cover both intra- and inter-domain scenarios.One feasible E2E traffic-engineering solution is the addition of central control in a native IP network. This document describes various complex scenarios and simulation results when applying the Path Computation Element (PCE) in a native IP network. This solution, referred to as Centralized Control Dynamic Routing (CCDR), integrates the advantage of using distributed protocols and the power of a centralized control technology, providing traffic engineering for native IP networks in a manner that applies equally to intra- and inter-domain scenarios.AcknowledgmentsThe author would like to thank , ,
, , , , , , , , ,
, , , , , , , , and for
their supports and comments on this document.Authors' AddressesChina TelecomBeiqijia TownChangping DistrictBeijing102209Chinawangaj3@chinatelecom.cnYandex LLCUlitsa Lva Tolstogo 16MoscowRussian Federationbhassanov@yahoo.comEtheric Networks1009 S Claremont StSan MateoCA94402United States of Americaqzhao@ethericnetworks.comFutureweiBostonMAUSAhuaimo.chen@futurewei.com